Make SIZE OF constraint operational (#46)

Changes `ValueSizeConstraint` erroneously applied to `SequenceOf` and `SetOf` objects via `subtypeConstraint` attribute to be applied via `sizeSpec` attribute. Although `sizeSpec` takes the same constraint objects as `subtypeConstraint`, the former is only verified on de/serialization i.e. when the [constructed] object at hand is fully populated, while the latter is applied to [scalar] types at the moment of instantiation. This change also bumps pyasn1 requirement to 0.4.6.
etingof · Jul 31, 2019 · 3e2e441 · 3e2e441
1 parent a2a8bbb
commit 3e2e441
Show file tree

Hide file tree

Showing 23 changed files with 117 additions and 105 deletions.
diff --git a/CHANGES.txt b/CHANGES.txt
@@ -34,6 +34,13 @@ Revision 0.2.6, released XX-07-2019
   RFC 3779, RFC 4055, RFC 4073, RFC 4108, RFC 5035, RFC 5083, RFC 5480,
   RFC 5940, RFC 5958, RFC 6010, RFC 6019, RFC 6402, RFC 7191, RFC 8226,
   and RFC 8520
+- Changed `ValueSizeConstraint` erroneously applied to `SequenceOf`
+  and `SetOf` objects via `subtypeConstraint` attribute to be applied
+  via `sizeSpec` attribute. Although `sizeSpec` takes the same constraint
+  objects as `subtypeConstraint`, the former is only verified on
+  de/serialization i.e. when the [constructed] object at hand is fully
+  populated, while the latter is applied to [scalar] types at the moment
+  of instantiation.
 
 Revision 0.2.5, released 24-04-2019
 -----------------------------------

diff --git a/pyasn1_modules/rfc1905.py b/pyasn1_modules/rfc1905.py
@@ -42,7 +42,7 @@ class VarBind(univ.Sequence):
 
 class VarBindList(univ.SequenceOf):
     componentType = VarBind()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(
         0, max_bindings
     )
 

diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py
@@ -269,13 +269,13 @@ class DigestInfo(univ.Sequence):
 class SignedData(univ.Sequence):
     componentType = namedtype.NamedTypes(
         namedtype.NamedType('version', Version()),
-        namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
+        namedtype.OptionalNamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
         namedtype.NamedType('contentInfo', ContentInfo()),
         namedtype.OptionalNamedType('certificates', ExtendedCertificatesAndCertificates().subtype(
             implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
         namedtype.OptionalNamedType('crls', CertificateRevocationLists().subtype(
             implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
-        namedtype.NamedType('signerInfos', SignerInfos())
+        namedtype.OptionalNamedType('signerInfos', SignerInfos())
     )
 
 

diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py
@@ -354,7 +354,7 @@ class TeletexDomainDefinedAttribute(univ.Sequence):
 
 class TeletexDomainDefinedAttributes(univ.SequenceOf):
     componentType = TeletexDomainDefinedAttribute()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
 
 
 terminal_type = univ.Integer(23)
@@ -545,7 +545,7 @@ class TeletexOrganizationalUnitName(char.TeletexString):
 
 class TeletexOrganizationalUnitNames(univ.SequenceOf):
     componentType = TeletexOrganizationalUnitName()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units)
 
 
 teletex_personal_name = univ.Integer(4)
@@ -601,7 +601,7 @@ class ExtensionAttribute(univ.Sequence):
 
 class ExtensionAttributes(univ.SetOf):
     componentType = ExtensionAttribute()
-    subtypeSpec = univ.SetOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_extension_attributes)
+    sizeSpec = univ.SetOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_extension_attributes)
 
 
 class BuiltInDomainDefinedAttribute(univ.Sequence):
@@ -615,16 +615,16 @@ class BuiltInDomainDefinedAttribute(univ.Sequence):
 
 class BuiltInDomainDefinedAttributes(univ.SequenceOf):
     componentType = BuiltInDomainDefinedAttribute()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
 
 
 class OrganizationalUnitName(char.PrintableString):
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)
+    subtypeSpec = char.PrintableString.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)
 
 
 class OrganizationalUnitNames(univ.SequenceOf):
     componentType = OrganizationalUnitName()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, ub_organizational_units)
 
 
 class PersonalName(univ.Set):
@@ -771,7 +771,7 @@ class CRLReason(univ.Enumerated):
 
 
 class CRLNumber(univ.Integer):
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(0, MAX)
+    subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueSizeConstraint(0, MAX)
 
 
 class BaseCRLNumber(CRLNumber):
@@ -796,7 +796,7 @@ class KeyPurposeId(univ.ObjectIdentifier):
 
 class ExtKeyUsageSyntax(univ.SequenceOf):
     componentType = KeyPurposeId()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
 
 
 class ReasonFlags(univ.BitString):
@@ -925,7 +925,7 @@ class PolicyInformation(univ.Sequence):
 
 class CertificatePolicies(univ.SequenceOf):
     componentType = PolicyInformation()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
 
 
 id_ce_policyMappings = univ.ObjectIdentifier('2.5.29.33')
@@ -940,7 +940,7 @@ class PolicyMapping(univ.Sequence):
 
 class PolicyMappings(univ.SequenceOf):
     componentType = PolicyMapping()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
 
 
 id_ce_privateKeyUsagePeriod = univ.ObjectIdentifier('2.5.29.16')
@@ -1024,7 +1024,7 @@ class Attribute(univ.Sequence):
 
 class SubjectDirectoryAttributes(univ.SequenceOf):
     componentType = Attribute()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
 
 
 class RelativeDistinguishedName(univ.SetOf):
@@ -1077,7 +1077,7 @@ class GeneralName(univ.Choice):
 
 class GeneralNames(univ.SequenceOf):
     componentType = GeneralName()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
 
 
 class AccessDescription(univ.Sequence):
@@ -1089,7 +1089,7 @@ class AccessDescription(univ.Sequence):
 
 class AuthorityInfoAccessSyntax(univ.SequenceOf):
     componentType = AccessDescription()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
 
 
 class AuthorityKeyIdentifier(univ.Sequence):
@@ -1125,7 +1125,7 @@ class DistributionPoint(univ.Sequence):
 
 class CRLDistPointsSyntax(univ.SequenceOf):
     componentType = DistributionPoint()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
 
 
 class IssuingDistributionPoint(univ.Sequence):
@@ -1155,7 +1155,7 @@ class GeneralSubtree(univ.Sequence):
 
 class GeneralSubtrees(univ.SequenceOf):
     componentType = GeneralSubtree()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
 
 
 class NameConstraints(univ.Sequence):

diff --git a/pyasn1_modules/rfc2511.py b/pyasn1_modules/rfc2511.py
@@ -109,7 +109,7 @@ class PKIPublicationInfo(univ.Sequence):
         namedtype.NamedType('action',
                             univ.Integer(namedValues=namedval.NamedValues(('dontPublish', 0), ('pleasePublish', 1)))),
         namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype(
-            subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
+            sizeSpec=constraint.ValueSizeConstraint(1, MAX)))
     )
 
 
@@ -195,7 +195,7 @@ class ProofOfPossession(univ.Choice):
 
 class Controls(univ.SequenceOf):
     componentType = AttributeTypeAndValue()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
 
 
 class OptionalValidity(univ.Sequence):
@@ -249,10 +249,10 @@ class CertReqMsg(univ.Sequence):
         namedtype.NamedType('certReq', CertRequest()),
         namedtype.OptionalNamedType('pop', ProofOfPossession()),
         namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype(
-            subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
+            sizeSpec=constraint.ValueSizeConstraint(1, MAX)))
     )
 
 
 class CertReqMessages(univ.SequenceOf):
     componentType = CertReqMsg()
-    subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
diff --git a/pyasn1_modules/rfc2634.py b/pyasn1_modules/rfc2634.py
@@ -101,11 +101,11 @@ class MLReceiptPolicy(univ.Choice):
         tag.tagClassContext, tag.tagFormatSimple, 0))),
     namedtype.NamedType('insteadOf', univ.SequenceOf(
         componentType=GeneralNames()).subtype(
-        subtypeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype(
+        sizeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype(
         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
     namedtype.NamedType('inAdditionTo', univ.SequenceOf(
         componentType=GeneralNames()).subtype(
-        subtypeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype(
+        sizeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype(
         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
 )
 
@@ -123,7 +123,7 @@ class MLExpansionHistory(univ.SequenceOf):
     pass
 
 MLExpansionHistory.componentType = MLData()
-MLExpansionHistory.subtypeSpec=constraint.ValueSizeConstraint(1, ub_ml_expansion_history)
+MLExpansionHistory.sizeSpec = constraint.ValueSizeConstraint(1, ub_ml_expansion_history)
 
 
 # ESS Security Label Attribute
@@ -182,7 +182,7 @@ class SecurityCategories(univ.SetOf):
     pass
 
 SecurityCategories.componentType = SecurityCategory()
-SecurityCategories.subtypeSpec=constraint.ValueSizeConstraint(1, ub_security_categories)
+SecurityCategories.sizeSpec = constraint.ValueSizeConstraint(1, ub_security_categories)
 
 
 class ESSSecurityLabel(univ.Set):
@@ -282,7 +282,7 @@ class ReceiptRequest(univ.Sequence):
 ReceiptRequest.componentType = namedtype.NamedTypes(
     namedtype.NamedType('signedContentIdentifier', ContentIdentifier()),
     namedtype.NamedType('receiptsFrom', ReceiptsFrom()),
-    namedtype.NamedType('receiptsTo', univ.SequenceOf(componentType=GeneralNames()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_receiptsTo)))
+    namedtype.NamedType('receiptsTo', univ.SequenceOf(componentType=GeneralNames()).subtype(sizeSpec=constraint.ValueSizeConstraint(1, ub_receiptsTo)))
 )
 
 # Receipt Content Type

diff --git a/pyasn1_modules/rfc2986.py b/pyasn1_modules/rfc2986.py
@@ -45,12 +45,14 @@
 class Attributes(univ.SetOf):
     pass
 
+
 Attributes.componentType = Attribute()
 
 
 class CertificationRequestInfo(univ.Sequence):
     pass
 
+
 CertificationRequestInfo.componentType = namedtype.NamedTypes(
     namedtype.NamedType('version', univ.Integer()),
     namedtype.NamedType('subject', Name()),
@@ -65,6 +67,7 @@ class CertificationRequestInfo(univ.Sequence):
 class CertificationRequest(univ.Sequence):
     pass
 
+
 CertificationRequest.componentType = namedtype.NamedTypes(
     namedtype.NamedType('certificationRequestInfo', CertificationRequestInfo()),
     namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),